Mercurial > hg > extraction-interface

comparison interface/save_tag_element.php @ 0:b12c99b7c3f0

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
commit for previous development
author Zoe Hong <zhong@mpiwg-berlin.mpg.de>
date Mon, 19 Jan 2015 17:13:49 +0100
parents
children
comparison
equal deleted inserted replaced
-1:000000000000 0:b12c99b7c3f0
1 <?php
2 header("Content-Type: text/html;charset=utf-8");
3
4 include_once('config.php');
5
6 $link_mysql = mysql_connect($mysql_server, $mysql_user, $mysql_password);
7 mysql_query("SET NAMES utf8");
8
9 if (!$link_mysql) {
10 die('Could not connect: ' . mysql_error());
11 }
12
13 $db_selected = mysql_select_db($mysql_database, $link_mysql);
14 if (!$db_selected) {
15 die ('Can\'t use foo : ' . mysql_error());
16 }
17
18 if (!function_exists("GetSQLValueString")) {
19 function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
20 {
21 $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
22
23 $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
24
25 switch ($theType) {
26 case "text":
27 $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
28 break;
29 case "long":
30 case "int":
31 $theValue = ($theValue != "") ? intval($theValue) : "NULL";
32 break;
33 case "double":
34 $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
35 break;
36 case "date":
37 $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
38 break;
39 case "defined":
40 $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
41 break;
42 }
43 return $theValue;
44 }
45 }
46
47 if ($_POST['id']){
48
49 if ( stripslashes($_POST['type'])=="delete" ) {
50 $queryInsert = sprintf("DELETE FROM `taglist` WHERE `id` = %s", stripslashes($_POST['id']));
51 $resultInsert = mysql_query($queryInsert);
52 }
53
54 if (get_magic_quotes_gpc()) {
55 $id = stripslashes($_POST['id']);
56 $name = stripslashes($_POST['name']);
57 $tag = stripslashes($_POST['tag']);
58 $color = stripslashes($_POST['color']);
59 $type = stripslashes($_POST['type']);
60 } else {
61 $id = $_POST['id'];
62 $name = $_POST['name'];
63 $tag = $_POST['tag'];
64 $color = $_POST['color'];
65 $type = $_POST['type'];
66 }
67
68 if ( $type=="insert" ) {
69 $query1 = sprintf("INSERT INTO `taglist` (`id`, `name`, `tag`, `color`, `systemName`) VALUES (%s, %s, %s, %s, %s)",
70 GetSQLValueString($id, "int"),
71 GetSQLValueString($name, "text"),
72 GetSQLValueString($tag, "text"),
73 GetSQLValueString($color, "text"),
74 GetSQLValueString($systemNAME, "text"));
75 $result1 = mysql_query($query1);
76 } else {
77 $queryInsert = sprintf("UPDATE taglist SET `name`=%s, `tag`=%s, `color`=%s WHERE `id`=%s",
78 GetSQLValueString($name, "text"),
79 GetSQLValueString($tag, "text"),
80 GetSQLValueString($color, "text"),
81 GetSQLValueString($id, "int"));
82 $resultInsert = mysql_query($queryInsert);
83 }
84 }
85 ?>